Description

It was detected that your web application uses HTTP protocol, but doesn't automatically redirect users to HTTPS.

Remediation

It's recommended to implement best practices of HTTP Redirection into your web application. Consult web references for more information

References

HTTP Redirections

Related Vulnerabilities

WordPress admin accessible without HTTP authentication

WordPress configuration file weak file permissions

Content Security Policy (CSP) Nonce Value Not Used Within Single Quotes

Spring Misconfiguration: HTML Escaping disabled

Spring Boot Misconfiguration: MongoDB credentials stored in the properties file

Severity

Medium

Classification

CWE-16 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Sensitive Data Not Over Ssl